﻿using AutoWrapper.Wrappers;
using Casbin.NET.Adapter.Dapper;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using NetCasbin;
using NetCasbin.Extensions;
using NetCasbin.Persist;

namespace CasbinABACDemo
{
    [Route("Demo")]
    [ApiController]
    public class DemoController : ControllerBase
    {
        private readonly Enforcer enforcer;

        /// <summary>
        /// 构造函数
        /// </summary>
        public DemoController(Enforcer inDI)
        {
            enforcer = inDI;
        }

        /// <summary>
        /// 测试Casbin功能
        /// </summary>
        /// <returns></returns>
        [HttpGet("TestCasbin")]
        public ApiResponse TestCasbin()
        {
            //添加自定义函数
            //enforcer.AddFunction("checkSuperAdmin", (string str) =>
            //{
            //    return enforcer.HasRoleForUser(str, "superadmin");
            //});

            /*
             * 规则定义：
             * 普通员工在8点-18点之间，对资源data1可以读写，data2只读，其它时间data1只能读，data2不能操作
             * 管理员在8点-18点之间，对资源data1可以读写删除，data2读写，其它时间data1只能读写，data2只能读
             *
             */
            //添加策略 8点-18点之间用1表示，其余时间用0表示
            //管理员-data1
            //enforcer.AddPolicy("admin", "data1", "read", "1");
            //enforcer.AddPolicy("admin", "data1", "read", "0");
            //enforcer.AddPolicy("admin", "data1", "write", "1");
            //enforcer.AddPolicy("admin", "data1", "write", "0");
            //enforcer.AddPolicy("admin", "data1", "delete", "1");
            ////管理员-data2
            //enforcer.AddPolicy("admin", "data2", "read", "1");
            //enforcer.AddPolicy("admin", "data2", "write", "1");
            //enforcer.AddPolicy("admin", "data2", "read", "0");

            ////普通用户-data1
            //enforcer.AddPolicy("user", "data1", "read", "1");
            //enforcer.AddPolicy("user", "data1", "read", "0");
            //enforcer.AddPolicy("user", "data1", "write", "1");
            ////普通用户-data2
            //enforcer.AddPolicy("user", "data2", "read", "1");

            //模拟一些请求
            List<Env> envList = new List<Env>();
            var e1 = new Env { Role = "admin", Operation = "read", Time = EnvExtensions.ConvertTimeToZeroOne() };
            var e2 = new Env { Role = "admin", Operation = "write", Time = EnvExtensions.ConvertTimeToZeroOne() };
            var e3 = new Env { Role = "admin", Operation = "delete", Time = EnvExtensions.ConvertTimeToZeroOne() };
            var e4 = new Env { Role = "user", Operation = "read", Time = EnvExtensions.ConvertTimeToZeroOne() };
            var e5 = new Env { Role = "user", Operation = "write", Time = EnvExtensions.ConvertTimeToZeroOne() };

            envList.Add(e1);
            envList.Add(e2);
            envList.Add(e3);
            envList.Add(e4);
            envList.Add(e5);

            foreach (var env in envList)
            {
                var pass = enforcer.Enforce(env, "data1");
                Console.WriteLine(DateTime.Now.Hour.ToString() + ": " + env.Role + "\t" + "data1" + "\t" + env.Operation + "\t" + pass);

                var pass2 = enforcer.Enforce(env, "data2");
                Console.WriteLine(DateTime.Now.Hour.ToString() + ": " + env.Role + "\t" + "data2" + "\t" + env.Operation + "\t" + pass2);
            }

            return new ApiResponse("ok");
        }
    }
}